[cvsnt] Setting up shared repositories

Gerhard Fiedler lists at connectionbrazil.com
Wed Aug 15 19:38:41 BST 2007

Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.

Michael Wojcik wrote:

>> From what I read about this, sserver is pserver over SSL. 
>> AFAIK SSL works like this (simplified):
>> - Client requests a connection, telling what ciphers it supports
>> - Server uses best cipher it also supports and sends cert, 
>> usually containing a public key and a CA (if no CA, the cert 
>> has to be trusted on the client)
> Not really.  

Thanks for the clarifications. 

> First, a CA (Certification Authority) is an organization, not a document;
> you can't "send a CA".  

Of course not... :)  What I meant with "send a CA" was "send the
information that allows the receiver to contact a commonly trusted CA and
verify the certificate" (like someone may ask me to "give [her] my email"

So in the end, it seems still to boil down to that a cert has either to be
trusted on the client, or be signed by a CA that's trusted on the client. 

And you seem to say that by installing the cvsnt client, the certificate
that comes with it is automatically trusted (by the cvsnt client), right?

> If you want real security, with authentication, you replace that
> self-signed certificate with a proper CA-signed one, and make sure the
> client has the appropriate root certificate available, and configure the
> client to require a properly-signed server certificate.

Or you use your own self-signed certificate, and make sure it's registered
as trusted on all clients.


More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook